authorNeal H. Walfield <[email protected]>2015-11-06 12:14:57 +0000
committerNeal H. Walfield <[email protected]>2015-11-06 12:16:37 +0000
commita74aeb5dae1f673fcd98b39a6a0496f3c622709a (patch)
tree5e48cfbf2cece79d752be12c7a283ff792ac984d
parentcommon: When classifying keyids and fingerprints, reject trailing junk. (diff)
gpg: Add new option --only-sign-text-ids.
* g10/options.h (opt): Add field only_sign_text_ids. * g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs. (opts): Handle oOnlySignTextIDs. (main): Likewise. * g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't select non-text based IDs automatically. (keyedit_menu): Adapt the prompt asking to sign all user ids according to OPT.ONLY_SIGN_TEXT_IDS. * doc/gpg.texi: Document the new option --only-sign-text-ids. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 1241 Debian-bug-id: 569702
-rw-r--r--doc/gpg.texi4
-rw-r--r--g10/gpg.c5
-rw-r--r--g10/keyedit.c52
-rw-r--r--g10/options.h1
4 files changed, 46 insertions, 16 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 246b441bd..dcef49506 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -650,6 +650,10 @@ and "t" (for trust) may be freely mixed and prefixed to "sign" to
create a signature of any type desired.
@c man:.RE
+If the option @option{--only-sign-text-ids} is specified, then any
+non-text based user ids (e.g., photo IDs) will not be selected for
+signing.
+
@table @asis
@item delsig
diff --git a/g10/gpg.c b/g10/gpg.c
index b15be9131..e47b7f5d7 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -392,6 +392,7 @@ enum cmd_and_opt_values
oTOFUDBFormat,
oWeakDigest,
oUnwrap,
+ oOnlySignTextIDs,
oNoop
};
@@ -755,6 +756,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
+ ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
/* Aliases. I constantly mistype these, and assume other people do
as well. */
@@ -3308,6 +3310,9 @@ main (int argc, char **argv)
case oUnwrap:
opt.unwrap_encryption = 1;
break;
+ case oOnlySignTextIDs:
+ opt.only_sign_text_ids = 1;
+ break;
case oDisplay:
set_opt_session_env ("DISPLAY", pargs.r.ret_str);
diff --git a/g10/keyedit.c b/g10/keyedit.c
index afa6f856b..16b0ceccd 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1,6 +1,7 @@
/* keyedit.c - Edit properties of a key
* Copyright (C) 1998-2010 Free Software Foundation, Inc.
* Copyright (C) 1998-2015 Werner Koch
+ * Copyright (C) 2015 g10 Code GmbH
*
* This file is part of GnuPG.
*
@@ -614,7 +615,16 @@ sign_uids (ctrl_t ctrl, estream_t fp,
user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
uidnode->pkt->pkt.user_id->len, 0);
- if (uidnode->pkt->pkt.user_id->is_revoked)
+ if (opt.only_sign_text_ids
+ && uidnode->pkt->pkt.user_id->attribs)
+ {
+ tty_fprintf (fp, _("Skipping User ID \"%s\","
+ " which is not a text ID.\n"),
+ user);
+ uidnode->flag &= ~NODFLG_MARK_A;
+ uidnode = NULL;
+ }
+ else if (uidnode->pkt->pkt.user_id->is_revoked)
{
tty_fprintf (fp, _("User ID \"%s\" is revoked."), user);
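Review bot: The new first branch in sign_uids tests only `opt.only_sign_text_ids && uidnode->pkt->pkt.user_id->attribs`, so it clears NODFLG_MARK_A on every marked attribute user ID; nothing visible here distinguishes an ID the user selected explicitly from one picked up by "sign all". The commit message says such IDs should only not be selected automatically, so either the condition should also check that the ID was not explicitly selected, or the message and gpg.texi should state that the option blocks certification of non-text IDs outright. A comment above the branch would settle the intent, e.g. `/* Attribute packets (e.g. photo IDs) carry no text; never certify them when --only-sign-text-ids is set. */`. The code that sets NODFLG_MARK_A and the rest of the loop are outside this hunk, so this should be confirmed against the full function.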
@@ -1742,21 +1752,31 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
}
}
- if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock)
- && !cpr_get_answer_is_yes ("keyedit.sign_all.okay",
- _("Really sign all user IDs?"
- " (y/N) ")))
- {
- if (opt.interactive)
- interactive = 1;
- else
- {
- tty_printf (_("Hint: Select the user IDs to sign\n"));
- have_commands = 0;
- break;
- }
-
- }
+ if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock))
+ {
+ int result;
+ if (opt.only_sign_text_ids)
+ result = cpr_get_answer_is_yes
+ ("keyedit.sign_all.okay",
+ _("Really sign all user IDs? (y/N) "));
+ else
+ result = cpr_get_answer_is_yes
+ ("keyedit.sign_all.okay",
+ _("Really sign all text user IDs? (y/N) "));
+
+ if (! result)
+ {
+ if (opt.interactive)
+ interactive = 1;
+ else
+ {
+ tty_printf (_("Hint: Select the user IDs to sign\n"));
+ have_commands = 0;
+ break;
+ }
+
+ }
+ }
/* What sort of signing are we doing? */
if (!parse_sign_type
(answer, &localsig, &nonrevokesig, &trustsig))
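Review bot: The two prompts in the new `if (opt.only_sign_text_ids)` block are swapped: with the option set the user is asked `Really sign all user IDs?`, and without it `Really sign all text user IDs?`. The second case is the one that matters, because the confirmation then understates what is certified: sign_uids skips attribute IDs only when the option is set, so photo IDs are signed too although the prompt names only text IDs. Exchange the strings so the `opt.only_sign_text_ids` branch uses `_("Really sign all text user IDs? (y/N) ")` and the `else` branch uses `_("Really sign all user IDs? (y/N) ")`. keyedit_menu starts and ends outside this hunk.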
diff --git a/g10/options.h b/g10/options.h
index c8541b2e4..68f5d391a 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -264,6 +264,7 @@ struct
int pinentry_mode;
int unwrap_encryption;
+ int only_sign_text_ids;
} opt;
/* CTRL is used to keep some global variables we currently can't